-
Notifications
You must be signed in to change notification settings - Fork 27.9k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
How to install plugins behind a proxy with a self-signed certificate? #155
Comments
same problem here. |
Duplicate of #69 |
suggest to reference atom's implementation, by using strict-ssl = false |
This might not be a dupe after all, thanks @iamzhout! |
@joaomoreno Welcome, hope this issue could be fixed soon :-) otherwise many corporate users may not be able to install extensions and make full use of vscode. |
Same issue here, but with a corporate proxy and authentication (no certificate). I get a getaddrinfo ENOTFOUND marketplace.visualstudio.com vmarketplace.visualstudio.com:443 (although I'm able to check & install upgrades with http_proxy and https_proxy env variables). |
Same issue here, with the similar error to @RobertoMD:
Have set http.proxy and https.proxy settings values. VS Code updates work fine; only Extensions Marketplace seems broken. |
+1 |
eaa5bcf introduces a new configuration setting |
Will this be in Dec 2015 milestone? |
Yes it will. |
How do I enable this setting? Currently running v0.10.3. I have tried adding it to the User Settings (as well "http.proxy") and still getting the same error. Oh. just re-read looks like this is in the end of December release. |
NOK for me for 0.10.6, also reported in issue 69 thread |
@iamzhout did you apply this workaround? |
@joaomoreno Yes, I have applied this patch, and restarted vscode, still the same error. |
Can you somehow show me how I can reproduce your case? Eg: how to set up an untrusted proxy? |
@joaomoreno hmm, I think this should be something like SSLStrip, by replacing the https cert from original website to private ones, like this tool shows, though I didn't tried this myself. Anyway, the |
Atom's implementation is similar to ours. I've just spent one hour trying to set up this scenario on my dev machine and yielded no significant results. I would love if someone can provide me an environment in which I can reproduce this and fix it myself. Maybe some of you guys have proxies which I can use? Maybe you'd like to tackle this @iamzhout, since you seem to be able to reproduce this effortlessly? |
@joaomoreno there is of course no way to give my company proxy to you, as you can not access.
If there is anything I can do to help, please just tell me. /Tao |
Ok, I think I got it. I was able to get the same untrusted error using the Charles proxy software. I was then finally able to figure out why the setting was being ignored. Pushed a fix. Can I ask you to test this out? I've uploaded a build with the fix in. Please close any Code instances, extract it and run the |
Still get the "unable to verify the first certificate" error with the new build. I've never gotten the error about the cert being self-signed. Can I enable logging or get some kind of debug output for you? That might help. As an aside, I actually get a similar issue (unable to verify first certificate) when I try to run a locally compiled vscode from the source tree, right when EDIT: Looking at
in proxy.ts - is the strictSSL flag ignored if a proxy URL isn't set? That would explain why just setting |
@joaomoreno Your fix build just works for me, now extensions could be installed successfully, thanks for your great work! |
@iamzhout Awesome, many thanks for the confirmation! @bleggett You're absolutely right, I didn't realise these options could be used independently. I assume you set your proxy address via the |
@joaomoreno That build doesn't work either, sadly. No, those variables are not set on my box. Since I'm in a corporate setting I have an IT department that apparently doesn't expect me to have to know the proxy URL because they route all traffic through it, so with other node-based stuff I've not had to set a proxy http/https URL to get things working, I've just disabled strict SSL. I assume the reason this has worked with other node-based stuff is because strictSSL = false has been treated as a global flag that disables strict cert checking regardless of the other proxy settings. |
@joaomoreno I have set http.proxy, https.proxy and http.proxyStrictSSL = false, I want to install extensions: With the latest decembe release: I get a blue loading bar after a few seconds it says: With your first build you posted here: I just get an endless loading bar and nothing happens. With your second build you posted here: I just happens nothing, it instantly closes the prompt without any result. Any idea? UPDATE: I have had a look into the developer console. Access Denied (authentication_failed) My settings.json looks like this: // Place your settings in this file to overwrite default and user settings.
} The thing is, i am acutally using the same source of the http.proxy value in my git, npm and bower proxy config. I Also set this up for HTTP_PROXY and HTTPS_PROXY. Thats where i copy/pasted it from. And well, it just works fine there. |
@bleggett Thanks for the explanation. Sorry for all the ping-pong with the builds and all, but I just can't seem to reproduce your scenario, so we'll have to try to catch it this way. I've noticed that we can also set |
@FloMaetschke moved your issue to #1942 |
@joaomoreno No problem at all, willing to test whatever you need, thanks for sticking with this. The new build finally shows me the list of extensions to install, so that part works now. Trying to install or click on one of them gives me the same "unable to verify first cert" error I had before. So whatever you did is an improvement, it just doesn't seem to be applied to package downloads/install. |
Interesting: I get this:
but only when actually trying to install the extension (browsing the list works just fine). I've set |
@aldanor This seems to be the issue reported when the bug was reopened. Please give this build a try. Let me know if you still get the issue. |
This worked for me. Thanks! |
@joaomoreno Woot, thanks, that works fine. |
🎆 Fix will be out with the next release of VS Code. Many thanks to all that put up with this ping-pong! 🍻 |
@joaomoreno I'm now issue the same proxy problem, and have read all posts. But the build you mentioned above can't be downloaded, it says 'AuthenticationFailed'. Could you please provider a new package? |
Got it. Thanks! 👍 |
Same issue, can I have the build that works? |
@nadeem-aslam This is already fixed in 0.10.8. |
Updated and works great! |
For anyone new doesn't want to sift through all the posts. In 0.10.11, this works: Set Motion to close. |
Motion granted. |
I'm using vs code behind a proxy with a self-signed certificate, when i try to install plugins and typing "ext install ", it shows an error "unable to verify the first certificate".
The text was updated successfully, but these errors were encountered: